This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa File: b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa (raw, json) Hash identifier: sYhH8QfHiCqCa+yA+CStZY4/MoRNhJBZ2NRplqZHS+8= Subject key identifier: 19:5C:19:59:22:69:79:3B:A7:EF:76:CD:25:A9:B4:EA:45:B9:A6:B6 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 57C475C7A029C3764444B6674F3C8FAD3F9A0A02 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa Signing time: Sat 15 Nov 2025 06:00:53 +0000 ROA not before: Sat 15 Nov 2025 06:00:53 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d02b:800::/37 maxlen: 37 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:c4:75:c7:a0:29:c3:76:44:44:b6:67:4f:3c:8f:ad:3f:9a:0a:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:00:53 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=37ec29c45c554b376de40ac121872d643baa22456e0bae57172e85f56d52b1b2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:a3:4e:92:98:bf:40:0b:a5:48:3d:b4:5b:25: 99:20:d2:ea:ce:60:46:42:da:fb:d1:cb:04:6b:25: 1f:66:95:73:1d:e9:89:bd:7d:bd:7b:fc:db:b0:32: 6a:ad:b1:aa:f1:a8:af:f9:cb:41:51:79:ed:73:ba: e4:f2:d2:5e:c7:9e:91:35:70:ed:7d:4d:90:84:3d: 9a:38:ce:96:18:ee:a2:38:44:7e:56:3f:b0:3a:81: d5:ca:e0:82:05:46:70:1a:75:ce:82:f0:a5:b1:21: 2e:08:1f:42:80:df:b6:99:f5:f5:7f:33:da:51:4c: fc:7f:57:59:db:48:a2:db:0f:54:1c:91:e5:55:55: e6:bf:12:07:7e:3b:d2:ba:6c:6e:c5:df:d5:0d:3a: 58:ff:36:8c:b9:f8:eb:e1:99:66:ef:32:e6:62:b7: a2:71:97:c0:a2:cd:e3:24:c1:8a:6d:e5:d9:a6:75: ea:2f:5f:7b:7e:b1:00:19:92:b3:ae:8b:a3:71:0a: 0f:6a:82:5f:e4:b9:85:96:11:2c:15:e8:5f:a5:1d: 36:e2:7a:e7:61:cf:54:f1:7c:51:e0:e5:cb:d8:fa: c3:95:7d:3d:e3:33:63:59:ff:2c:68:07:2e:0b:a0: 23:4a:c3:15:67:42:d2:6e:f4:db:65:08:1f:9e:1b: 8a:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:5C:19:59:22:69:79:3B:A7:EF:76:CD:25:A9:B4:EA:45:B9:A6:B6 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d02b:800::/37 Signature Algorithm: sha256WithRSAEncryption 63:20:a6:9c:47:2f:60:ca:b1:5b:39:40:33:3b:b1:73:8e:a7: da:ad:1c:35:c9:a7:ea:aa:33:e0:37:1e:88:32:5d:a1:4f:b1: 7a:92:39:03:a1:80:54:91:bb:69:9d:9c:70:b8:da:4d:5d:ec: 7d:d1:cc:d2:d9:ba:2c:1b:a9:7f:7d:5a:83:96:58:9c:f3:34: 8d:b2:d9:3a:57:17:f8:55:f8:74:d3:85:9e:4f:33:6b:67:71: 78:a5:af:26:68:bd:f1:cb:1e:03:8d:87:fb:e4:a8:8e:f6:fc: b9:b5:70:91:5f:66:ae:67:45:30:5a:1a:33:3f:3b:1c:d7:07: 23:c6:9e:47:89:66:5a:bc:b3:f2:7b:d1:ff:fc:0a:d8:bc:c5: 97:bf:9a:dc:3c:ee:33:c1:cb:8d:bc:75:9c:ee:45:17:f2:06: d1:e1:8f:24:da:ee:ff:f1:cc:92:49:2b:ee:18:b9:ac:58:74: ab:75:85:54:df:3a:bd:58:ce:69:c6:85:23:ea:90:da:3b:97: cf:b5:6b:59:e7:21:ea:8d:2f:b3:76:7b:1f:99:52:a2:bf:80: 3d:af:b3:f3:db:b4:70:4a:c2:0a:1d:37:82:25:67:82:70:60: 70:df:ab:45:0c:5f:09:4b:2d:79:06:47:75:3e:3e:03:5e:cb: 6d:59:c6:31 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUV8R1x6Apw3ZERLZnTzyPrT+aCgIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjAwNTNaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDM3ZWMyOWM0NWM1NTRiMzc2ZGU0MGFjMTIxODcyZDY0M2JhYTIyNDU2ZTBi YWU1NzE3MmU4NWY1NmQ1MmIxYjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMijTpKYv0ALpUg9tFslmSDS6s5gRkLa+9HLBGslH2aVcx3pib19vXv827Ay aq2xqvGor/nLQVF57XO65PLSXseekTVw7X1NkIQ9mjjOlhjuojhEflY/sDqB1crg ggVGcBp1zoLwpbEhLggfQoDftpn19X8z2lFM/H9XWdtIotsPVByR5VVV5r8SB347 0rpsbsXf1Q06WP82jLn46+GZZu8y5mK3onGXwKLN4yTBim3l2aZ16i9fe36xABmS s66Lo3EKD2qCX+S5hZYRLBXoX6UdNuJ652HPVPF8UeDly9j6w5V9PeMzY1n/LGgH LgugI0rDFWdC0m7022UIH54biocCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQZXBlZ Iml5O6fvds0lqbTqRbmmtjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YjNiMTg2NDgtYmVhMC00ZjdlLThmMGYtNWFkMmQyZjA1ZWE4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0CsI MA0GCSqGSIb3DQEBCwUAA4IBAQBjIKacRy9gyrFbOUAzO7FzjqfarRw1yafqqjPg Nx6IMl2hT7F6kjkDoYBUkbtpnZxwuNpNXex90czS2bosG6l/fVqDllic8zSNstk6 Vxf4Vfh004WeTzNrZ3F4pa8maL3xyx4DjYf75KiO9vy5tXCRX2auZ0UwWhozPzsc 1wcjxp5HiWZavLPye9H//ArYvMWXv5rcPO4zwcuNvHWc7kUX8gbR4Y8k2u7/8cyS SSvuGLmsWHSrdYVU3zq9WM5pxoUj6pDaO5fPtWtZ5yHqjS+zdnsfmVKiv4A9r7Pz 27RwSsIKHTeCJWeCcGBw36tFDF8JSy15Bkd1Pj4DXsttWcYx -----END CERTIFICATE-----Generated at Sat Dec 6 18:34:26 2025 by rpki-client